The complete WEFT specification: the Managed Governed Artifact (content, classification, provenance), the mint to classify to distribute to pull to observe to refine lifecycle, Governed Convergence and Governed Refinement, the two provenance profiles, the EATP and PACT seams, and the data-protection and public-transparency floors.
Read the full specification →WEFT: Woven Ecosystem for Federated Trust
CARE, EATP, CO, and PACT answer what an autonomous agent should do and how to trust it. WEFT answers a different, orthogonal question: once a governed artifact is created in one repository of a federated ecosystem, how does it reach every other member with its provenance intact, stay convergent on a single source of truth under governance, and feed a human-gated refinement loop?
Most federations solve this ad hoc. An artifact is copied from one repository to another, its history is lost in the copy, the two versions drift, and no one can say which is authoritative or where a given change originated. WEFT specifies the cascade that prevents this: a single mint, provenance-preserving propagation, governed convergence on one source of truth, and a refinement loop that a human gates rather than an agent.
What “trust” means here, and what it does not
Section titled “What “trust” means here, and what it does not”WEFT’s name uses “trust” in a precise sense: the federation staying coherent and attributable under governance. This is deliberately not agent trust-verification, which is EATP’s lane. The boundary is a load-bearing design decision, not a nuance:
- WEFT’s provenance stops at attribution: which artifact came from where, and how it changed. It does not sign, and it does not resolve identity.
- Signing and identity cross a well-defined seam to EATP. A WEFT provenance event is the subject that an EATP Audit Anchor signs and anchors. WEFT owns the event format; EATP owns the trust semantics.
The two standards compose across that seam; they do not overlap. If you are looking for how an agent’s actions are cryptographically verified, that is EATP. WEFT is about how the governed artifacts themselves travel and stay coherent.
What WEFT defines
Section titled “What WEFT defines”The cascade. A governed artifact is minted once, then propagates to every federation member as a reviewable proposal, never a silent overwrite, carrying its full provenance. Members converge on a single source of truth under governance rather than accumulating divergent copies.
Two named properties, both human-gated:
- Governed Convergence: the federation is kept on one source of truth by a pull-initiated, human-gated process. It is never autonomous. Convergence is proposed to a human, not enacted by an agent.
- Governed Refinement: improvements flow back through the same human-gated loop, so the artifact and its governance improve together without an agent editing the source of truth on its own.
Two profiles. A community profile provides traceability with unsigned provenance. An enterprise profile adds non-repudiable, tamper-evident provenance by having EATP sign and anchor each event. The enterprise profile depends on EATP v3, which is drafted but not yet released, so it is not yet constructible by adopters; the community profile stands on its own today.
Where WEFT sits in the family
Section titled “Where WEFT sits in the family”WEFT is a cascade and distribution standard. It composes with the other four rather than overlapping them: the artifacts it cascades may be CARE, CO, or PACT artifacts, but WEFT is agnostic to their content. It answers the one question the other four do not: how governance itself propagates and stays coherent across a federation of repositories.
Maturity and evidence
Section titled “Maturity and evidence”WEFT is honest about its evidence base. It is derived from one reference implementation, deployed across three organisations, each adapting it to its own environment. That is real multi-organisation, multi-tenant deployment, but one implementation in the formal standards sense. On that evidence it has been advanced to Candidate: stable for implementation, breaking changes strongly discouraged.
Domain-independence is demonstrated: beyond software artifacts, the three-organisation deployment cascades regulatory and standards content (EU AI Act, ISO/IEC 27001, ISO/IEC 42001, sectoral frameworks) through the full lifecycle in production. The remaining gap to Published is implementation-independence: a published conformance suite and at least one independent implementation built from this specification that interoperates through it. Both are open and tracked.
The specification is licensed under CC BY 4.0. The reference implementation is Apache 2.0, Foundation-owned, donated irrevocably by the individual contributor.